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DETAILED ACTION 

1. This is a non-final action in response to communications filed February 17, 2006. 
In the preliminary amendment filed February 5, 2002, Applicant amended claims 3-8, 
10-11, 19-22 and 27-28, cancelled claims 12-18 and 23-25, and added claims 29-47. 
Applicant has currently amended claims 1, 2 and 28. Claims 1-11, 19-22, and 25-47 are 
pending in this action. 

Priority 

2. Receipt is acknowledged of papers submitted under 35 U.S.C. 1 19(a)-(d), which 
papers have been placed of record in the file. The requirements for foreign priority have 
been satisfied, and the effective filing date of this application is the date of the priority 
document, August 13, 1999. 

Response to Arguments 

3. Applicant's arguments, see page 16, filed February 17, 2006, with respect to 
claims 1 and 2 have been fully considered and are persuasive. The objection of claims 
1 and 2 has been withdrawn. 

4. Applicant's arguments, see pages 16-18, filed February 17, 2006, with respect to 
the rejection(s) of claim(s) 29 under 102(e) have been fully considered and are 
persuasive. Therefore, the rejection has been withdrawn. However, upon further 
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consideration, a new ground(s) of rejection is made in view of Rabin et al., US Patent 
6,697,948 B1 , in view of in view of Graunke et al., U.S. Patent 5,991 ,399. 

5. Applicant's arguments with respect to claim 1-11, 19-22, and 25-47 have been 
considered but are moot in view of the new ground(s) of rejection. 

Claim Objections 

6. Claim 1 is objected to because of the following informalities: "data" has been 
mistyped as "date" in line 6 of the claim. Appropriate correction is required. 

7. Claim 37 is objected to because of the following informalities: "...its respective 
data..." has been mistyped as "...is respective data..." in line 4 of the claim. Appropriate 
correction is required. 

Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

8. Claim 1 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. 
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9. Regarding claim 1 , it is unclear whether the phrase "at least one of:" refers to all 
limitations following or just to the secure executor and secure loader As such, the 
scope of the claim is indefinite. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

10. Claims 1-2, 4-6, 8-11, 21-22, 26, 29, 31, and 33 are rejected under 35 

U.S.C. 103(a) as being unpatentable over Rabin et al., US Patent 6,697,948 B1, in view 
of Graunke et al., U.S. Patent 5,991 ,399. Examiner notes that corresponding prior art 
terms may accompany the claim language in bracketed form. 

1 1 . Regarding claim 1 , Rabin et al. teach a computer platform having: 

means storing license-related code (supervising program (SP), tag table, and optional 
fingerprint table, see figure 4, items 209, 126, and 210) comprising at least one of: 
a secure executor (SP) for checking whether the platform or a user thereof is licensed to 
use particular data and for providing an interface for using the data (figure 4, item 209, 
figure 8, column 47, lines 14-45, column 40, lines 6-9); 
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means storing a hashed version of the license-related code signed with the third party's 
private key (column 40, lines 47-65, where the signed tag is stored on the user device, 
showing that the device provides means for storing signed license-related code); 
means for integrity checking the license-related code with reference to the signed 
version and the public key certificate and preventing the license-related code from being 
loaded if the integrity check fails (column 40, lines 53-65, where Examiner interprets 
rejecting the instance as preventing the code from being loaded if the tag fails the 
integrity check). 

Rabin et al. do not teach a trusted module. 

Graunke et al. teach a trusted module (tamper resistant key module) which is 
resistant to internal tampering (column 7, line 31) and which stores a third party's public 
key certificate (column 7, lines 31-58), and that this key is used to verify the integrity 
and authenticity of the license-related code (trusted player) (column 8, lines 39-60). 
Graunke et al. further provide the motivation that a key module verifies the authenticity 
of a software executor (storage device reader) and that access to the content is allowed 
and that making it tamper resistant ensures that an attacker will not be able to modify 
the integrity parameters or otherwise alter the key module (column 4, lines 48-50, lines 
64-67, column 5, lines 1-2, lines 1 1-14). It would have been obvious to a person of 
ordinary skill in the art at the time of applicant's invention to use the tamper-resistant 
module (key module) of Graunke et al. with the platform of Rabin et al. to ensure the 
authenticity of the executor and that access to the content is allowed. 
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12. Regarding claim 29, Rabin et al. teach a computer platform having: 

means storing license-related code (supervising program (SP), tag table, and optional 

fingerprint table, see figure 4, items 209, 126, and 210) comprising, for at least one 

group of data (instances of software), a respective software executor which specifies 

the respective group of data and which is operable to act as an interface to the group of 

data, the license related code further comprising at least one of: 

a secure executor (SP) for checking whether the platform or a user thereof is licensed to 

use particular data and for providing an interface for using the data (figure 4, item 209, 

figure 8, column 47, lines 14-45, column 40, lines 6-9); 

means storing a hashed version of the license-related code signed with the third party's 
private key (column 40, lines 47-65, where the signed tag is stored on the user device, 
showing that the device provides means for storing signed license-related code); 
wherein the computer platform is programmed so that, upon booting of the platform 
(column 60, lines 17-33): 

the license-related code is integrity checked with reference to the signed version and 
the public key certificate (column 40, lines 53-65, and column 60, lines 17-33, where 
Examiner believes it would have been obvious to use a signature with the fingerprint in 
order to produce a signed digest for verification, as was done to verify the integrity of a 
signed tag in column 40, lines 53-65); and 

if the integrity check fails, the license-related code is prevented from being loaded 
(column 40, lines 53-65, where Examiner interprets rejecting the instance as preventing 
the code from being loaded if the tag fails the integrity check, and column 60, lines 17- 
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33, where the example checks the operating system, but states that it can also be used 
to check the SP); and 

The platform of Rabin et al. does not teach a trusted module. 

Graunke et al. teach a trusted module (tamper resistant key module) which is 
resistant to internal tampering (column 7, line 31) and which stores a third party's public 
key certificate (column 7, lines 31-58), that this key is used to verify the integrity and 
authenticity of the license-related code (trusted player) (column 8, lines 39-60), and that 
part of the license related-code (IVK, synonymous to the device which checks integrity 
and authenticity of SP and OS in Rabin et al.) is stored in the trusted module (column 7, 
lines 31-40). Graunke et al. further provide the motivation that a key module verifies the 
authenticity of a software executor (storage device reader) and that access to the 
content is allowed and that making it tamper resistant ensures that an attacker will not 
be able to modify the integrity parameters or otherwise alter the key module (column 4, 
lines 48-50, lines 64-67, column 5, lines 1-2, lines 11-14). It would have been obvious to 
a person of ordinary skill in the art at the time of applicant's invention to use the tamper- 
resistant module (key module) of Graunke et al. in the platform of Rabin et al. to ensure 
the authenticity of the executor and that access to the content is allowed. 

13. As per claim 2, the platform of Rabin et al. and Graunke et al. teaches the 
platform of claim, wherein the means for integrity checking further comprises: 
means for reading and hashing the license-related code to produce a first hash; 
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means for reading and decrypting the signed version using the public key certificate to 
produce a second hash; and 

means for comparing the first and second hashes (Rabin et al., column 40, lines 47-61); 



14. As per claim 4, the platform of Rabin et al. and Graunke et al. teaches the 
platform of claim 1, wherein the license-related code (trusted player) also includes a 
library of interface subroutines which can be called in order to communicate with the 
trusted module (Graunke et al., column 8, lines 34-35, column 8, line 61 - column 9, line 
1 , where the license-related code executes the trusted module and play content 
decrypted by the module, therefor showing that it contains libraries to communicate with 
it). 



15. As per claim 5, the platform of Rabin et al. and Graunke et al. teaches the 
platform of claim 1 , wherein the license-related code includes, for at least one group of 
data (software instance), a software executor which specifies the respective group of 
data and which is operable to act as an interface to that group of data (Rabin et al., 
figure 4, item 209, figure 8, column 47, lines 14-45, column 40, lines 6-9). 



16. As per claim 6, the platform of Rabin et al. and Graunke et al. teaches the 
platform of claim 1 , wherein the means storing the license-related code and/or the 
means storing the hashed version of the license-related code are provided, at least in 
part, by the trusted module (Granke et al., column 7, lines 31-40, where the IVK of 
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Graunke et al. is synonymous to the device which checks integrity and authenticity of 
SP and OS in Rabin et al). 

17. As per claims 8-10, the platform of Rabin et al. and Graunke et al. teaches the 
platform of claim 1 wherein: 

the operating system is operable to request the secure loader to license-check whether 
the platform or a user thereof is licensed to install that particular data and/or to check 
the integrity of that data; 

in response to such a request, the secure loader is operable to perform such a check 
and respond to the operating system with the result of the check; and 
in dependence upon the response, the operating system is operable to install or not to 
install the particular data (Rabin et al., column 60, lines 55-61 , where the check may be 
done prior to installation, as described above in reference to execution). 

18. As per claim 1 1 , the platform of Rabin et al. and Graunke et al. teaches the 
platform of claim 10, wherein the license-related code includes, for at least one group of 
data (software instance), a software executor which specifies the respective group of 
data and which is operable to act as an interface to that group of data (Rabin et al., 
figure 4, item 209, figure 8, column 47, lines 14-45, column 40, lines 6-9). 

19. As per claim 21 , the platform of Rabin et al. and Graunke et al. teaches the 
platform of claim 1, wherein: 
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the secure executor contains at least one licensing model (Rabin et al., column 59, lines 
37-57); 

the operating system is operable to request the secure executor that particular data be 

used (figure 8, column 47, lines 14-33); 

in response to such a request, the secure executor is operable: 

to perform a license-check using the, or one of the, licensing models; and 

upon successful license-check, to request the operating system to use the data (Rabin 

et al., column 59, lines 37-57, column 47, lines 14-33). 

20. As per claim 22, the platform of Rabin et al. and Graunke et al. teaches the 
platform of claim 21, wherein the operating system is programmed to use the particular 
data only in response to the secure executor or the software executor (Rabin et al., 
column 59, lines 37-57, column 47, lines 14-33). 

21 . As per claim 26, the platform of Rabin et al. and Graunke et al. teaches the 
platform of claim 21, wherein the trusted module is operable to log the request to the 
operating system to use the data (Rabin et al., column 31, lines 57-64, column 42, lines 
48-58). 

22. As per claim 31 , the platform of Rabin et al. and Graunke et al. teaches the 
platform of claim 29, wherein the operating system is programmed to install (play) the 
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particular data only response to the trusted module (Graunke et al., column 8, line 61 - 
column 9, line 1). 

23. As per claim 33, the platform of Rabin et al. and Graunke et al. teaches the 
platform of claim 29, wherein if the check succeeds, the trusted module is operable to 
generate a log for auditing the particular data (Rabin et al., column 31 , lines 57-64, 
column 42, lines 48-58). 

24. Claim 28 is rejected under 35 U.S.C. 103(a) as being unpatentable over Barber 
et al., US Patent 5,390,297, in view of Sigbjornsen et al., US Patent 6,266,416. 

25. Regarding claim 28, Barber et al. teach a method of transferring a license (or a 
key therefor) for data from a first computer platform to a second computer platform, 
comprising the steps of: 

setting up secure communication between the platforms (column 7, lines 58-64, claim 

2); 

sending the license or the key therefor from the first platform (second node) to the 
second platform (local node) using the secure communication (); and 
deleting the license or key therefor from the first platform (second node) (figure 3, 
column 1 0, line 65 - column 1 1 , line 1 5). 

The method of Barber et al. does not teach trusted modules containing the license. 
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Sigbjornsen et al. teach software licenses stored in trusted modules (smart 
cards) (column 7, lines 31-34). Sigbjornsen et al. further teach that smart cards provide 
flexibility (column 7, lines 29) and are considered the most tamper-proof protection of 
data (column 8, line 61 - column 9, line 7). It would have been obvious to one of 
ordinary skill in the art at the time of invention to store the licenses of Barber et al. in the 
smart cards of Sigbjornsen et al. to protect them from tampering. 

Allowable Subject Matter 

26. Claims 3, 7, 19, 20, 27, 30, 32, 34-47 are objected to as being dependent upon a 
rejected base claim, but would be allowable if rewritten in independent form including all 
of the limitations of the base claim and any intervening claims. 

Conclusion 

27. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

28. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kerry McKay whose telephone number is (571) 272- 
2651. The examiner can normally be reached on Monday-Friday, 8:00am-4:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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